Here is a quote from the web2py docs: "Making a secure connection Sometimes it is necessary (and advised) to connect to your database using secure connection, especially if your database is not on the same server as your application. In this case you need to pass additional parameters to the database driver. You should refer to database driver documentation for details. For PostgreSQL with psycopg2 it should look like this: DAL('postgres://user_name:user_password@server_addr/db_name', driver_args={'sslmode': 'require', 'sslrootcert': 'root.crt', 'sslcert': 'postgresql.crt', 'sslkey': 'postgresql.key'})" <<END QUOTE>>
I am wondering if this feature is still necessary for a secure db connection in case I anyway use SSL for the site. Does this secure postgres feature need to be used on top of existing SSL connection? Or it's rather for non-ssl site to make a db connection secure? -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/web2py/80a95bc2-94d3-49b0-af02-9f9681b7651e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.